Creating an encrypted backup on a USB stick

USB sticks are 1) slow to write and 2) wear out. I've previously ruined a stick by creating a LUKS encrypted filesystem on one and then rsync'ing my home directory to it.

My work-around has been to create the filesystem in a Logical Volume on my hard disc and then dd it

However, this doesn't work (anymore?). cryptsetup luksOpen of the USB stick fails:

Jul 26 14:40:57 frodo kernel: device-mapper: table: 254:29: crypt: Device size is not multiple of sector_size feature (-EINVAL)
Jul 26 14:40:57 frodo kernel: device-mapper: ioctl: error adding target to table
This can be further worked around by mapping a loop filesystem of the correct size onto the LV:
losetup --show --sizelimit 123730388992 -f /dev/vg1/templv

Example commands

## what is the size of the USB stick?
lsblk -b /dev/sdd
# NAME MAJ:MIN RM         SIZE RO TYPE MOUNTPOINTS
# sdd    8:48   1 123730388992  0 disk

## create LV of that size
lvcreate -n temp -L123730388992b vg1

## but it's too big
lsblk -b /dev/sdd /dev/mapper/vg1-temp
# NAME     MAJ:MIN RM         SIZE RO TYPE MOUNTPOINTS
# sdd        8:48   1 123730388992  0 disk
# vg1-temp 254:15   0 123731968000  0 lvm

## so set up a loop device
losetup --show --sizelimit 123730388992 -f /dev/vg1/temp

cryptsetup luksFormat /dev/loop0

cryptsetup --verbose --debug luksDump /dev/loop0  | grep "Device size"
# Device size 123730388992, offset 16777216.

cryptsetup luksOpen /dev/loop0 enc-usb

mkfs.f2fs /dev/mapper/enc-usb
mount /dev/mapper/enc-usb /mnt/usb

# now rsync the files to /mnt/usb

umount /mnt/usb/
cryptsetup luksClose enc-usb
losetup -d /dev/loop0

# copy to USB
dd if=/dev/vg1/temp of=/dev/sdd bs=4M status=progress